Following on from Meltdown and Spectre: TU Graz researchers discover new security flaws

Following the discoveries of Meltdown and Spectre, TU Graz researchers Michael Schwarz, Daniel Gruss and Moritz Lipp (from left) have uncovered two serious new security flaws in computer processors. © Lunghammer - TU Graz

ZombieLoad and Store-to-Leak Forwarding are the names of the new exploits which have just been announced by TU Graz security researchers Daniel Gruss, Moritz Lipp, Michael Schwarz and an international team. The three computer scientists were together with TU Graz Professor Stefan Mangard part of the team which discovered the serious security flaws Meltdown and Spectre last year.

ZombieLoad

ZombieLoad uses a similar approach to Meltdown. In order to enable faster processing, computer systems prepare several tasks in parallel, before discarding the ones that are either not needed or for which the necessary permissions have not been given. Due to the way processors are designed, they always have to pass on data, even if it is not correct.

The check for permission only happens once sensitive processing steps, which depend on assumptions made by the computer system, have already been prepared. “In the split second between the command and the check, using this new form of attack we can see the pre-loaded data from other programs,” explains Gruss. In other words, the researchers can read what the computer is currently processing.

The KAISER patch developed by a team at TU Graz provided a simple solution for Meltdown, which affected the speed of a computer. Coming up with a solution for ZombieLoad attacks could be more difficult, says Gruss:

“Every CPU has multiple cores, and each of these cores is also split in two. This means several programs can run simultaneously. We think that one of these two parts of each core has to be disabled.” That would mean a 50% drop in performance. Or in clouds, which are also vulnerable to this method of attack, 50% fewer potential users on the same hardware.
All processors developed by Intel that were manufactured between 2012 and the beginning of 2018 are affected. More information: https://zombieload.com/zombieload.pdf

Store-to-leak forwarding

Store-to-leak forwarding also reads pre-loaded data by exploiting the efficient way in which computer processors function. “The computer assumes that I want to use the data which I have just written to the processor again right away. So it keeps it in the buffer for faster access,” explains Gruss. This functionality can also be used to determine the architecture of the computer processor and find the exact location where the operating system is running. “If I know exactly where the processor is running the operating system, then I can launch targeted attacks against flaws in the operating system.” More information: https://cpu.fail/store-to-leak.pdf

New updates urgently required

The researchers immediately reported their discoveries to Intel, which has been working on a solution ever since. “Computer users should install all new updates without delay to ensure that their systems are protected,” recommends Gruss.

The research was funded by the ERC project Sophia, the project DESSNET and the project ESPRESSO as well as by a donation from the manufacturer Intel.

Research partners:
Daniel Gruss, Moritz Lipp, Michael Schwarz, Claudio Canella und Lukas Giner – Graz University of Technology (TU Graz)
Daniel Moghimi, Worcester Polytechnic Institute
Jo Van Bulck, imec-DistriNet, KU Leuven
Julian Stecklina, Cyberus Technology
Thomas Prescher, Cyberus Technology

Graz University of Technology ( TU Graz)
Institute of Applied Information Processing and Communications
Inffeldgasse 16a, 8010 Graz, Austria
www.tugraz.at

Daniel GRUSS
Ass.Prof. Dipl.-Ing. Dr.techn. BSc
Phone: +43 316 873 5544
Email: daniel.gruss@iaik.tugraz.at

Moritz LIPP
Dipl.-Ing. BSc
Phone: +43 316 873 5563
Email: moritz.lipp@.iaik.tugraz.at

Michael SCHWARZ
Dipl.-Ing. BSc
Phone: +43 316 873 5537
Email: michael.schwarz@.iaik.tugraz.at

https://zombieload.com/zombieload.pdf
https://cpu.fail/store-to-leak.pdf

https://www.tugraz.at/en/tu-graz/services/news-stories/media-service/singleview/…

Media Contact

Barbara Gigler Technische Universität Graz

Alle Nachrichten aus der Kategorie: Information Technology

Here you can find a summary of innovations in the fields of information and data processing and up-to-date developments on IT equipment and hardware.

This area covers topics such as IT services, IT architectures, IT management and telecommunications.

Zurück zur Startseite

Kommentare (0)

Schreib Kommentar

Neueste Beiträge

Surplus sugar helps whiteflies detoxify plant defenses

This pest insect uses sugar from its food to prevent the activation of the mustard oil bomb in cruciferous plants. Worldwide dreaded crop pest of hundreds of plant species Whiteflies…

Copycat plant booster improves on nature

A molecule that can mimic the function of zaxinone, a natural growth-promoting plant metabolite, has been designed and fabricated by an international team led by KAUST and the University of…

Discovery of large family of two-dimensional ferroelectric metals

It is usually believed that ferroelectricity can appear in insulating or semiconducting materials rather than in metals, because conducting electrons of metals always screen out the internal static electric field…

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close